Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-11-01
2005-11-01
Morse, Gregory (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S168000
Reexamination Certificate
active
06961857
ABSTRACT:
A method and apparatus for securely establishing voice over Internet Protocol calls are disclosed. In a Registration Security approach, a Gatekeeper sends an Access Token in all Registration Request messages. The Access Token contains information that authenticates the Gateway to the Gatekeeper. The Gatekeeper formats a message to an authentication server that will authenticate the information contained in the token, and the server responds with either an Access-Accept or Access-Reject message. The Gatekeeper responds to the Gateway with either a Registration Confirm message or a Registration Reject message. If a call is then placed from a successfully authenticated Gateway, that Gateway generates a new Access Token that is identical to the one generated during registration, except for the timestamp. The Gatekeeper uses the authentication server to authenticate the originating gateway, before sending the designation side Access Confirm message. As a result, a non-authenticated endpoint that knows a Gateway's address cannot use the Gateway address to circumvent security and access the telephone network to place unauthorized calls or free calls. In Admission or Per-Call Security, a Gateway is also required to include an Access Token in all originating side Admission Request messages. Such token contains information that identifies the user of the Gateway to the Gatekeeper, based on an account number and PIN obtained from the user. The Access Token is authenticated in the manner described above.
REFERENCES:
http://www.cisco.com/warp/public/788/voip/gw—security.html.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t6/gwsecacc.htm.
Menezes et al., Handbook of Applied Cryptography, 1997, CRC Press LLC, pp. 397-405.
“ITU, IETF achieve single standard to bridge circuit-switched and IP-based networks,” Press Release, International Telecommunication Union, Aug. 4, 2000.
“From competition to cooperation: the road to e-commerce,” ITU Plenipotentiary Conference, Oct. 12, 1998.
ITU-T Recommendation H.235, “Security and encryption for H-Series (H.323 and other H.245-based) multimedia terminals,” Table of Contents and Summary, Feb., 1998.
ITU-T Recommendation H.323, “Packet-based multimedia communication systems,” Table of Contents and Summary, Feb., 1998.
S. Kotha, “Deploying H.323 Applications in Cisco Networks,” Cisco Systems, Inc., Jul. 1, 2000.
Overview of H.323, Cisco Systems, Inc., Dec. 18, 2000.
Cisco H.235 Accounting and Security Enhancements for Cisco Gateways, Cisco Systems, Inc., Dec. 13, 1999.
Cisco H.323 Gateway Security and Accounting Enhancements, Cisco Systems, Inc., Dec. 13, 1999.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Lipman Jacob
Morse Gregory
LandOfFree
Authenticating endpoints of a voice over internet protocol... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Authenticating endpoints of a voice over internet protocol..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Authenticating endpoints of a voice over internet protocol... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3512864